CVE-2019-10564
HIGH
7,8
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
MEDIUM
4,6
Source: [email protected]
Access Vector: local
Access Complexity: low
Authentication: none
Confidentiality: partial
Integrity: partial
Availability: partial
Description
AI Translation Available
Possible OOB issue in EEPROM due to lack of check while accessing memory map array at the time of reading operation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, MSM8909W, MSM8917, MSM8953, Nicobar, QCS405, QCS605, QM215, SA6155P, SDA845, SDM429, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0004
Percentile
0,1th
Updated
EPSS Score Trend (Last 90 Days)
125
Out-of-bounds Read
DraftCommon Consequences
Security Scopes Affected:
Confidentiality
Availability
Other
Potential Impacts:
Read Memory
Bypass Protection Mechanism
Dos: Crash, Exit, Or Restart
Varies By Context
Applicable Platforms
Languages:
C, C++, Memory-Unsafe
Technologies:
ICS/OT
Operating System
Sdm670 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:sdm670_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Sda845 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:sda845_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Sxr1130 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:sxr1130_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Qcs405 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Nicobar Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:nicobar_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Sdm439 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:sdm439_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Sm6150 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:sm6150_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Sa6155P Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Sdm450 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:sdm450_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Sm8150 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:sm8150_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Msm8917 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:msm8917_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Sdm429 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:sdm429_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Sxr2130 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Sdm632 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:sdm632_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Apq8053 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Qcs605 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Msm8953 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:msm8953_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Apq8009 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Sdm710 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:sdm710_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Sm8250 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:sm8250_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Sdm845 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:sdm845_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Sdx55 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Qm215 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:qm215_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Sm7150 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:sm7150_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Sdx24 Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:sdx24_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Msm8909W Firmware by Qualcomm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulle…
https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulle…